Method, system, and computer program product for computer system vulnerability analysis and fortification
Abstract
A method, system, and computer program product for the automatic detection and fixing of security vulnerabilities in both individual software components and across complex, multi-component software solutions. The architecture of the software solution to be monitored is analyzed prior to its being monitored. Data derived from the analysis is used to proactively identify possible ways to attack the software solution. The software solution being monitored and the system on which it runs are periodically scanned, and attacks on it are attempted. A list of possible attacks is continuously updated, for example, in a manner similar to virus signatures provided by virus security companies, and a log is generated describing which attacks were successful and which ones failed.
21 Claims
1. A method for detection and correction of security vulnerabilities in a computing environment, comprising:
- analyzing a software solution to identify legal and illegal external interfaces thereto;
- attempting to access said software solution using the identified illegal external interfaces; and
- storing a record of any illegal external interfaces that allow access to said software solution.
Dependent claims: 2, 3, 4, 5, 6, 7.
8. A system for detection and correction of security vulnerabilities in a computing environment, comprising:
- means for analyzing a software solution to identify legal and illegal external interfaces thereto;
- means for attempting to access said software solution using the identified illegal external interfaces; and
- means for storing a record of any illegal external interfaces that allow access to said software solution.
Dependent claims: 9, 10, 11, 12, 13, 14.
15. A computer program product for detection and correction of security vulnerabilities in a computing environment, the computer program product comprising a computer-readable storage medium having computer-readable program code embodied in the medium, the computer-readable program code comprising:
- computer-readable program code that analyzes a software solution to identify legal and illegal external interfaces thereto;
- computer-readable program code that attempts to access said software solution using the identified illegal external interfaces; and
- computer-readable program code that stores a record of any illegal external interfaces that allow access to said software solution.
Dependent claims: 16, 17, 18, 19, 20, 21.
Specification